WebJob downloads a program over HTTP/HTTPS and executes it in one unified operation. The output, if any, may be directed to stdout/stderr or a WebJob server. WebJob may be useful in incident response and intrusion analysis as it provides a mechanism to run known good diagnostic programs on a potentially compromised system. WebJob also provides a framework that is conducive to centralized management. Therefore, it can support and help automate a large number of common administrative tasks and host-based monitoring scenarios.
SURVIVOR is yet another systems monitor. It consists of a POSIX-thread based scheduler written in C++ running arbitrary checks in a flexible, heterogeneous, bureaucratic, and convoluted environment. It maintains proper state, history, sanity, and attitude, and allows interaction via Web, command, and two-way messaging interfaces.
Cammgr manages a collection of web cameras. It will bring cameras online or offline, and initiate or suspend image capture operations. Any camera can be controlled provided a driver is available. Cammgr supports multiple images per camera, default images for inactive cameras, per- user/host/camera notifications, and an easy-to- use configuration file. It can scan Apache log files to auto-initiate image capture, and tune capture frequency can to the minimum needed to ensure that clients receive a new image on request.
skill sends signals to processes given any combination of user names, ttys, commands, and pids. snice changes the priority of processes (given the same). They are similar to kill(1) and renice(8), but the commandline is order-independent. There are also verbose, search, and interactive modes of operation.
FTimes is a system baselining and evidence collection tool. Its primary purpose is to gather and/or develop topographical information and attributes about specified directories and files in a manner conducive to intrusion and forensic analysis. It was designed to support the following initiatives: content integrity monitoring, incident response, intrusion analysis, and computer forensics.
Ganglia is a scalable distributed monitoring system for high-performance computing systems such as clusters and grids. It is based on a hierarchical design targeted at federations of clusters. Ganglia is currently in use on over 500 clusters around the world and has scaled to handle clusters with 2000 nodes.
Kismet is an 802.11 layer 2 wireless network detector, sniffer, and intrusion detection system. It will work with any wireless card which supports raw monitoring (rfmon) mode, and can sniff 802.11b, 802.11a, 802.11g, and 802.11n traffic (device drivers permitting). It identifies networks by passively collecting packets and detecting standard named networks, detecting (and given time, decloaking) hidden networks, and inferring the presence of non-beaconing networks via data traffic.